Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Systems and methods for facilitating user identity verification over a network

Active Publication Date: 2011-06-09
PAYPAL INC
View PDF13 Cites 55 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0010]To overcome the deficiencies of using biometric signatures alone for authentication, embodiments of the present disclosure facilitate coupling of something the user Has (e.g., biometric information) with something the user Knows (e.g., password). By combing the two types of information in a unique manner, for example, through the use of a high-level encryption technique, referred to as an effective zero knowledge proof of identity (eZKPI) algorithm, the benefits increase for both types of information.
[0012]Accordingly, by combing something the user Has with something the user Knows, confidence in verifying user identity may increase as viewed from an end-user application perspective (e.g., eCommerce, Banking, and / or Social Networking application). Use of the eZKPI algorithm enables use of biometric-based authentication for remote applications that may not have the capability to interpret biometric input data form the user.
[0013]In accordance with embodiments of the present disclosure, systems and methods for facilitating transactions over a network, including user identity verification, provide strong mutual authentication of web-client application to server application server, provide high-level encryption with use of the eZKPI algorithm, and provide session encryption key negotiation after authentication to continue encryption during communication.

Problems solved by technology

However, the assigned username and password may be easily compromised by a malicious intruder.
In contrast, a biometric signature is something that the user Has and is more difficult to forge and present as proof of identity on behalf of a true owner of a mobile device.
However, the end-user application running on that device may still require its own form of user authentication by asking the user to provide a username and password as proof of identity before accessing any applications.
Many applications on mobile devices are in this category simply because their backend application is not able to accept biometric input, and instead, they utilize a traditional username and password sign-on process.
These applications still depend on something the user Knows and may not benefit from what the user Has.
In some instances, this may increase the confidence of authenticating user identity and inhibit illicit access to personal data and information.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Systems and methods for facilitating user identity verification over a network
  • Systems and methods for facilitating user identity verification over a network
  • Systems and methods for facilitating user identity verification over a network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031]Embodiments of the present disclosure relate to facilitating network transactions and user identity verification over a network. In one implementation, embodiments of the present disclosure provide strong mutual authentication of client web application to server side application server, and vice versa. In another implementation, embodiments of the present disclosure provide session encryption key negotiation after authentication to continue encryption during the remainder of communication.

[0032]Embodiments of the present disclosure provide a high-level encryption technique, referred to as an effective zero knowledge proof of identity (eZKPI) algorithm.

[0033]FIG. 1 shows one embodiment of a block diagram of a system 100 adapted to facilitate network transactions, including user identity verification, over a network 160. As shown in FIG. 1, the system 100 includes at least one user device 120 (e.g., network communication device, such as a mobile phone) and at least one service p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

In accordance with embodiments of the present disclosure, systems and methods for facilitating network transactions including user identity verification over a network provide strong mutual authentication of client web application to server side application server, provide session encryption key negotiation after authentication to continue encryption during communication, and provide a high-level encryption technique referred to as an effective zero knowledge proof of identity (eZKPI) algorithm. In various implementations, the eZKPI algorithm is adapted to couple something the user Knows (e.g., a password) with something the user Has (e.g., a biometric signature) to create a stronger identity authentication proof for access to a mobile device and applications running on that device.

Description

RELATED APPLICATIONS[0001]This application claims priority to and benefit of Provisional Patent Application Ser. No. 61 / 285,115, entitled, “SYSTEMS AND METHODS FOR FACILITATING USER IDENTITY VERIFICATION OVER A NETWORK,” filed Dec. 9, 2009, which is incorporated herein by reference in its entirety.BACKGROUND[0002]1. Technical Field[0003]The present invention generally relates to network transactions and, more particularly, to facilitating user identity verification over a network.[0004]2. Related Art[0005]Mobile devices, such as cell phones, laptops, and tablet PCs, may be equipped with biometric devices to assist with user identity verification. These biometric devices may include fingerprint readers, voice analyzers, retina scanners, palm readers, and facial recognition devices. One purpose of adding biometric devices to mobile devices is to create higher confidence in verifying user identity when accessing the mobile device.[0006]Typically, a username and password are assigned to...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/32G06F7/04
CPCH04L9/3218H04L9/3231H04L9/3273H04W12/06H04L2209/56H04L2209/80H04L63/0861H04L2209/38H04W12/068H04L9/50
Inventor MANSOUR, RASTA A.
Owner PAYPAL INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com